CNNVD-202512-4822 Information

CNNVD ID

CNNVD-202512-4822

Related CVE

CVE-2025-68697

• CNNVD Published: 2025-12-26

Description (Chinese)

n8n是n8n开源的一个可扩展的工作流自动化工具。 n8n 2.0.0之前版本存在安全漏洞，该漏洞源于Code node可调用内部辅助函数，可能导致读取或写入主机文件系统。

Description (English)

n8n is an expanded workflow automation tool for n8n open source. There was a security loophole in the previous version of n8n 2.0.0, which originated from the fact that Code Node could call an internal support function, which could lead to reading or writing to the host file system.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

n8n

Published

2025-12-26

Last Modified

2026-02-24

References

https://github.com/n8n-io/n8n/security/advisories/GHSA-j4p8-h8mh-rh8q https://access.redhat.com/security/cve/cve-2025-68697

Patch

https://github.com/n8n-io/n8n/releases